In the legacy architecture typically found in electronic access control, there is a credential reader mounted at an access point or door. When a user presents a credential to the reader and the credential is read, the credential reader sends the credential data to an access controller mounted somewhere on the premises behind the secure side of the door. The access controller then compares the data received from the electronic credential reader with a database of valid access credentials. If the credential is determined to have valid access privileges the controller energizes a relay that momentarily enables the unlocking mechanism of the door.
In early systems, the communication between the credential and reader contained no security measures at all. This made the credential data transmitted by the credential reader a point of vulnerability for the system, prone to interception by malicious actors. There are millions of electronic credential readers in use today at various commercial, industrial, military, and other institutions. It is therefore desirable to have improvements in electronic access control.